Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 5.3.1
Affects Version/s: 5.2
Component/s: None
Labels:
- affects-server
- cvss-high
- editor
- loyalty
- security
- xss

CVSS Score:
6.5
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

To reproduce:
1. Attach a ".ppt" file to the page. (any file with that extension - doesn't need to be a powerpoint file)
2. Add "Office Powerpoint" macro with Slide Number as:

"><script>alert(document.domain)</script>

3. View page.

See officeconnector, PptConverter.java, line 97.

Attachments

Activity

People

Assignee:: PatrickA

Reporter:: Dougall Johnson

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 04/Sep/2013 12:24 AM

Updated:: 11/Oct/2018 8:45 AM

Resolved:: 01/Oct/2013 5:26 AM